Feds Say Time to Prep for Y2Q Quantum Computer Hacking

Quantum computing promises future benefits, but also poses present-day cybersecurity risks that the federal government is urging commercial businesses to prepare for now. In fact, a law passed in December, the Quantum Computing Cybersecurity Preparedness Act, requires federal agencies to develop security plans addressing the vulnerability posed by the so-called “Y2Q” moment. Quantum computers are so quick and efficient as to be able to crack virtually any encryption. Although quantum computing is still in the development stage, the machines are expected to reach practical operability by 2030.

Right now, there are multiple quantum systems in development from companies including Alphabet, Amazon, IBM, Microsoft, D-Wave and others. The next-generation technology results in a computer 158 million times faster than today’s most powerful supercomputers.

“It is a device so powerful that it could do in four minutes what it would take a traditional supercomputer 10,000 years to accomplish,” writes Live Science.

That mathematical sophistication will enable quantum machines to “reliably extract the right answer from the superposition of all answers,” says Naked Security, “cracking puzzles that are currently considered computationally infeasible.”

“Information protected using today’s methods of encryption will be at risk of exposure with the advance of quantum computing,” reports Bloomberg Law in a deep dive on the new legislation. While federal and intelligence agencies are leading preparations to harden the U.S. for what Bloomberg calls “a potential quantum-driven breakdown in digital defenses,” corporate America is also advised to step up efforts.

The urgency is especially great for enterprise firms protecting intellectual property, for whom “quantum computers could pose an ‘existential threat,’” Denis Mandich, formerly with U.S. intelligence and co-founder of Qrypt, tells Bloomberg.

State-sponsored hackers and cybercrime syndicates often collect encrypted information they can unlock in the future, as compute power improves, known as “steal now, decrypt later,” or SNDL. Because of that, some experts believe quantum computing will advance enough to pose a threat “in the next five to 10 years,” according to Infosecurity Magazine.

But the situation is “something we can work around” by creating other approaches to cryptography that are resistant to quantum attacks, University of Maryland computer science professor Andrew Childs tells Bloomberg. Vaultree is an encryption-as-a-service company that says it’s developed a codec that works seamlessly with existing database solutions and can ramp up to quantum protections.

Skip Sanzeri, founder and COO of QuSecure, another quantum cybersecurity specialty outfit, writes in Forbes that substantive documentation exists indicating adversarial nation-states are already “stealing vast amounts of data that is currently encrypted but will be decrypted when a quantum computer with enough power is available.”

No Comments Yet

You can be the first to comment!

Leave a comment

You must be logged in to post a comment.